Chinese government hackers have attempted to steal the secret sauce that makes American tech and drug companies tick, according to a prominent cybersecurity company.
Determining who is behind an attack is an extremely tricky business, since hackers can easily mask their locations.
But cyber firm Crowdstrike said in a blog post Monday that several factors, including the hackers’ signature computer code, indicated that they were Chinese government-sponsored hackers.
“The infrastructure and the exact tools they use match previous Chinese government-sponsored actors,” said Dmitri Alperovitch, Crowdstrike’s chief technology officer. “Like bank robbers, cybercriminals will often repeat their techniques.”
The attacks, which began September 26, targeted seven companies in the technology and pharmaceutical sectors, Crowdstrike said. The firm said it thwarted the hacking attempts, which sought to make off with intellectual property and trade secrets, which can include designs, plans and research for yet-to-be-released products.
“The primary benefit of the intrusions seems clearly aligned to facilitate theft of intellectual property and trade secrets, rather than to conduct traditional national-security related intelligence collection,” Alperovitch said.
That kind of corporate cyberespionage happens on a daily basis. Hackers are constantly looking to gain access to companies’ file systems and servers, hoping to uncover valuable information that they can sell on the black market. In the past, U.S. intelligence officials have accused China of using its military hackers to steal American company secrets to give Chinese corporations a competitive edge.
If the hacking attempts truly came from the Chinese government, then the timing raises a few eyebrows.
President Obama and Chinese President Xi Jinping signed a no-hacking pact on September 25 — the day before the latest attacks began. The agreement stipulates that neither country will order hackers to break into companies to steal intellectual property for commercial gain.
“Frankly, the only thing that’s interesting about these attacks is that they happened after the agreement,” Alperovitch said. “Other than that, it’s run of the mill stuff we’ve seen a lot from China.”
A senior Obama administration official said it is aware of the report and it takes all incidents of corporate cybertheft seriously.
“As we move forward, we will monitor China’s cyber activities closely and press China to abide by all of its commitments,” the official said.
— Evan Perez contributed to this report.